Glovo's Fraud Playbook: From Free Lunches to Money Laundering | "What The Fraud?" Podcast

Hello and welcome to What The Fraud?, a podcast by Sumsub, where digital crooks meet their match. I'm Thomas Taraniuk, currently responsible for some of our very exciting partnerships here at Sumsub, a global verification platform helping businesses verify users, companies, and transactions as well. In this episode, we're looking at fraud in the fast-changing industry of delivery goods, groceries, takeaways — even medication. In a marketplace where companies have to meet the demand and the expectations of their customers at the press of a button, how easy is it for fraudsters to find their way in? And who is actually committing the fraud? In this episode, I'm joined by Boris Montin, fintech Risk Director at Glovo, the delivery company that brings you your groceries, your food, your medication, and more to your door in just minutes. Boris, welcome to What The Fraud?

BORIS MONTIN: Amazing to be here.

THOMAS TARANIUK: So, Boris, the on-demand delivery industry has grown fast across every single sector, but with consumer expectations for speed, convenience, and instant gratification, it keeps on increasing. We want our orders delivered almost at the point we hit 'confirm'—and I might be fueling that myself. But rapid growth, combined with the nature of delivery—which is high volumes, multiple touchpoints, and a mix of drivers, merchants, and customers as well—creates more chances for fraud and more gaps for fraudsters to exploit. So, Boris, what's really going on here? You deal with fraud from both sides of the spectrum, from the vendors to the consumers. How does the type of fraud that you see differ from the traditional forms we've seen in other instances or other industries?

Types of fraud in the on-demand delivery industry

BORIS MONTIN: I think sometimes, obviously, they would be the same, but I think they are very different. Today, we have a large marketplace with millions and millions of consumers and 700,000 merchants, as well as couriers. And so the type of fraud that you see on a day-to-day basis differs vastly from one actor to another. And it also differs according to the different regions we have. We serve 22 countries today across Europe, Africa, and Central Asia, and you have so many different behaviors there that it is very difficult to keep up. But that’s the nature of the job. I think we have a very smart team that looks at fraud day in, day out, and their job is to minimize that impact and make sure that this is completely taken care of.

THOMAS TARANIUK: Do you have a preparation plan that you and your team go through when you're going from the 10th country to the 11th, or the 22nd to the 23rd? How do you identify the real risk vectors and challenges of a new country that you haven't experienced yet, with those different challenges?

BORIS MONTIN: First of all, when we think about fraud, we think about the entire journey, right? If we think about consumer fraud, for instance, or the customer, we think about what type of fraud they would commit along the journey. When you sign up, when you browse the application, when you select something, to your payment, to eventually maybe asking for a refund—all of those are touchpoints where you can, or have the opportunity to, commit fraud to an extent. And so we think very carefully about that.

We know that someone out there is a bad actor, and they are trying to essentially get a free lunch or a free dinner on us, and what we're trying to do is ensure that at every touchpoint we have a defense ready. So if we really go top to bottom:

It starts with a signup profile, right? Whenever you sign up to the Glovo platform, we try to understand from the get-go if you are a legitimate actor or not. Maybe we would say, “Hey, you have basically seven, ten, twenty-five different accounts that are coming from the same location using the same attributes, the same traits,” and that's already a bit of a red flag for us.

Suggested read: Multi-Accounting: What Industries are Under Threat and How to Stop It

That is a yellow flag where we're going to start to ask a few questions, and that assessment will continue down the line—like you're trying to benefit from coupons, you're trying to benefit from incentives—and that's where we're going to again ask you more questions.

And that goes all the way down to the checkout experience — making sure that you have valid payment instruments, making sure that you can pay for the order that you're placing. And also, if you claim a refund, we would ask you a lot more questions.

So for us, we have this huge scalable risk platform that takes care of this layer. And then within that you have regional differences—you're mentioning that, for instance, in the African market, we have a lot more cash in the countries just by nature of the business, so you have a lot more cash fraud happening there and more challenging operations than you would have in Spain, where it's a heavy credit-card market and fraud would be a bit more digital. So, you have a lot of different profiles that you see, but I would say, we try to stay on top of it.

THOMAS TARANIUK: Amazing to hear. You mentioned quite a few different things here, including bad actors. It's funny you should also talk about all the different profiles or personas based on geography or even the way individuals pay at the end of the day. I mean, it really makes you think about what fraud actually is. How do you differentiate between the bad actors trying to launder money through Glovo, for example, and those chancers just sitting on their sofa trying out different discount codes to get a free lunch or seeing if they can get their money back on a return—what you'd call soft fraud, for instance?

Differentiating money launderers from 'soft fraudsters' in delivery

BORIS MONTIN: Yeah, it's a good question. I think, if I think out loud, I would vastly differentiate the types of actors we see. We have opportunistic customers who are trying to get a coupon to have a free lunch or something discounted, and it's basically normal people searching the internet: “Hey, what if I have this extra promo code?” or “What if I try to make a new account?” or “What if I claim that my fries never arrived or my burger never arrived—then maybe I'm going to get a refund,” right?

Suggested read: What Is Chargeback Fraud and How to Prevent It

And on the other side, you have professional fraudsters that provide either fraud-as-a-service or are really trying, as you mentioned, to do an attempt at money laundering or something more nefarious. So we really differentiate those two.

On the first side—the opportunistic fraudster—they do it because there’s an opportunity for arbitrage. There is money to be made; there is a free lunch to have somewhere; there is an extra pizza to have for free or whatever package you're buying. It's important for us that we build the right mechanisms in the platform so that we can detect that and tackle it.

I'll give you a fairly standard example: when it comes to new user promotions and we say, “Hey, you're new customers, why don't you have 10 euros or 20 euros or a discount on us so you can test the platform?” Obviously, you would have a lot of people who say, “Hey, that sounds like a good deal, I'm going to try to create a new account, and another one, and another one,” and thousands and thousands of accounts. And that's where we ask a bit more questions and say, “Hey, actually, you know what? We've seen you yesterday, we've seen you the day before. Maybe you're not really a new customer,” and that's where we say, “Okay, maybe try to log in on your main account; maybe you won't be eligible for this promotion.”

The second line of defense is the truly nefarious fraudsters. It's an economy, right? They are also running a business, and their business is usually reselling things. And what we've seen is that they sell, whether it's on Glovo or any type of delivery platform, the service at a cheaper price because they have access to stolen cards or stolen credentials from the black market that they can reuse. And really, it's an economy where they have supply operations, demand operations, and they have operations like any business. From supply, they have to find those stolen credit cards; from demand, they have to generate marketing to attract customers. And from operations, they have to make sure everything works, and they can order from Glovo or any other platform.

And our job within that team is to disrupt that operation because we know that if we slightly affect their unit economics, they will stop bothering us and go to someone else.

So, tying this together between opportunistic customers and fraudsters, the role of the team is to basically define what fraud is. And fraud is either something we define by policy—terms and conditions or something public—or something internal, where we say, “Okay, this behavior we consider unacceptable on the platform.” And then it’s about, “Now that we know what fraud is, how do we tackle it?”

THOMAS TARANIUK: Excellent to hear. It sounds like you've got everything organized internally and externally when you're trying to publicize it as well. And if we're focusing on consumer fraud, you mentioned the bonus abuse, the refund fraud as well. But it sounds like there's a lot behind that in terms of it becoming a business for criminal organizations. You're always going to get those opportunistic people, and fraud will never disappear completely, but how do you decide what's an acceptable level of fraud?

Acceptable level of fraud

BORIS MONTIN: Yeah, it's a good question. It's a question that we think about internally quite often. The ideal answer is zero, right? Tomorrow, I could stop fraud on the platform very easily if I asked you to come to the office for every single order and you asked for your passport, your driving license and, you know, a guarantee. I would have zero fraud on the platform—that’s easy. I would also not have a business, but I would have no fraud.

When we think about acceptable fraud, I think we are actually thinking about an acceptable level of friction on a platform.

And this is a different question. Turning off fraud is very easy—we could do it tomorrow if we wanted to—but how do we do that without at the same time affecting the customer experience? That's the tricky question. We want to make sure that all customers have a magical experience on the platform. As you mentioned, you have a craving; you want to have this instantaneously at your doorstep as soon as possible.

And so what we try to do is always prioritize user experience, always prioritize having a magical day of experience. And what we try to do is, for the fraudsters or for those where we have suspicion of fraud, we're going to ask you a few questions. We're going to put some hurdles so that it creates friction: whether we ask you to verify your card, whether we ask you to complete a challenge, or whether the support team might ask you more questions if you claim a refund.

The perfect level of fraud is zero, but in reality it can be boiled down to an equation because we know how much friction we generate, how much that deters customers from ordering, versus the cost of fraud. It’s an equation that we are always optimising. It’s very different across different markets because behaviors differ, but it’s a completely data-driven approach to minimizing fraud while, at the same time, ensuring the experience is always great.

THOMAS TARANIUK: Always good to put the right level of friction in, I can imagine. Determining that, as you’ve said, might be difficult. Boris, are we all part of the problem? When we try to get the odd free meal or claim a refund for something that isn’t really faulty, we don’t see ourselves as the scammers, right? But does that perception of fraud need to change?

BORIS MONTIN: Yeah, I think it's a good question. I think we've all been there, right? Whenever there's a product that we want to try, a platform that we want to try, we tend to go for the easy route—the route with discounts, promo codes, bonuses, and whatnot. I think it's also our job, as professionals, to educate people that, hey, maybe having the same discount code a thousand times is not something we encourage you to do. That’s why we clarify what fraud is in our terms and conditions. We can say, “This is a new customer promotion. You are not a new customer, so you should not be eligible for that.” And that's fine, if you want to continue ordering on the platform.

What we try to do is remove the incentive to commit fraud, remove the opportunity for you to have a bonus, or a refund, or a claim or compensation. And we have to make sure that the experience you see in the app is seamless and fluid. If I already know from the get-go that it’s you coming back to the platform on a second account, I would adjust the pricing you see in the app so that it doesn't reflect new-promotion discounts. That's the perfect experience, because then, from top to bottom, you have a consistent experience. The worst thing that can happen is you see something discounted and then down the line we tell you, “Actually, you're no longer eligible because you've already been here.”

So yes, I think we have to educate the public, but at the same time we have to do better. We have to make sure that we have a consistent experience, and as soon as we don't have that, of course, people will want an opportunity to have a free lunch.

THOMAS TARANIUK: At the end of the day that might be the case as well, but when we're looking at individuals who are opportunistic, adding that right amount of friction, being able to determine where it might come from and how to put the barriers in place may help, as you've mentioned. But when we're looking at individuals who are nefariously trying to break down the system, find the gaps—and they don't mind the friction, because that free pizza actually adds real value to them—what would you say are the biggest barriers to entry for those criminals? The ones who do want to gain entry, who aren't the opportunists but are doing this on a grander scale—not only at Glovo but at your competitors and other industry leaders as well?

The biggest barriers to entry for criminals

BORIS MONTIN: You know, I've been working for this industry for 10 years now, and I've seen a lot of different groups trying very aggressively to do different things. I think the biggest barrier to entry comes with signup and comes with lock-in. That’s where you need to have a smart layer of protection.

My sentiment is that whenever you shop online, the best experience should always be shoplifting, where you just go to a store, take an item, and leave, and you don't think about payment. That should be the ideal experience. But for fraudsters, we have to add a bit more friction. We have to add more questions. So when I think about those actors, the biggest barrier to entry is making sure that, for instance, we have phone verification implemented—just as easy as that. By making sure people actually verify a phone number to be on the platform, it helps tremendously. Because not only are you verifying an identity, but you’re also making sure that down the line, if there's a problem at the time of delivery, someone can actually call you, or you can call someone to make things better. So really, the first layer of protection starts with signup.

THOMAS TARANIUK: So multi-layered defense across the board for your team at Glovo is essential, right? And this might be tweaked on the basis of different regions, of course, but that is the bulk of the millions of users that you've onboarded and that have accounts with you. But when we look at vendor fraud on the other side of the spectrum as well, how does Glovo monitor or prevent abuse and fraud—such as grand-scale money laundering — on the platform itself?

Preventing money laundering on the platform

BORIS MONTIN: Yeah, it's a good question. I think we also have, obviously, 700,000 partners working with us and counting on us to earn and to make a living. So I think it's very important that we support our partners on this journey. Now, as you mentioned, you also have people who are either opportunistic again or people who are trying to do something at a larger scale. So I think there are a couple of things that we want to do. One is always following the money. It's not just a Netflix rule—it’s also a rule when it comes to compliance and risk. It’s very important that we understand who pays and who gets paid. And if we see large amounts going to the same partners, going to the same merchants, or really large ticket sizes where we see a partner earning on average 500 euros per order, there is something for sure that is fishy going on. And that's where it’s important that we have a compliance-driven approach where, from the get-go, we ask different merchants to provide documentation to verify that they are legitimate and have the right to operate on the platform.

We make sure to track the money as well. We’ve had cases in different geographies where some people were trying to forge documents—which is a lot easier nowadays with AI. We've also had people trying to resell things they should not sell, or sell things at incredibly high, prices. We had cases of rating fraud — boosting their visibility in the app to generate more revenue. There’s always a lot of creativity when it comes to fraud—sometimes tiny things, sometimes massive, large-scale schemes they’re trying to pull off.

THOMAS TARANIUK: Incredible. Fraudsters can get creative, it sounds like. And with all of these creative schemes—whether it's on the review side or laundering vast amounts of money by selling a chocolate bar for 10,000 euros—and with these creative schemes, you might need an army of analysts to make sure nothing’s out of place, unless you’ve got an automated service or tool, or technology to look into this. Do you implement artificial intelligence and machine learning to track different products and the behavior of different vendors when working on your platform?

AI for tracking different vendors

BORIS MONTIN: Absolutely. I think at this scale, you either need an army, or you need to be really smart about what you're doing. We deliver 700 million orders a year, so it's very important for us that we do this at scale and in real time. We cannot afford to put an order on hold to verify the content of the order or verify the legitimacy of either party. All of that needs to run completely in the background, completely invisible to customers, merchants and couriers as well.

So the way we do it is with a number of models: machine learning models detecting anomalies in real time. But at the same time, we have really smart people putting protections in place day in, day out. It's about having the right signals to detect fraud—whether it's fingerprinting, CAPTCHA, verification, or partnering with banks and the payment industry to get more data and more signals.

Once you have the data, machine learning helps, AI helps. I think AI in the world of risk has actually been one of the pioneers because machine learning models are nothing new in risk. We've had models for five, ten years already. It's improving payments, but risk has been one of the industries changed the quickest by AI for sure.

THOMAS TARANIUK: Most definitely. And I think it's on the basis that Glovo and the industry as a whole is growing exponentially since COVID. It means fraudsters are going to target it. And as time goes on, new methods are going to change and we’ll have to catch up. From your perspective, we talked about a number of different fraud types here, but are there any coming out of the gate that are completely new, and you wouldn't have thought existed two or three years ago?

Any new fraud types?

BORIS MONTIN: New? No. There are no new frauds that I see, but I see them coming a lot faster than before.

There are two angles to that. The first is democratization of fraud. Fraud is a lot more popular today than it was 10 years ago, simply because today you can advertise fraud on TikTok, Snapchat, whatever platform, and you can have a tutorial on how to gamify anything you want at your doorstep. And so you have a lot more people, a much bigger audience, tuned into what you need to do to commit fraud.

I've seen hundreds of videos on TikTok and other platforms with clear step-by-step descriptions of how to commit fraud. So not only democratization, but almost the social aspect of fraud, which is bizarre.

The second thing is that over the past five years, fraud is a lot faster. Mobility and food delivery have lower stakes—the average ticket price is 25–30 euros—although if you want to order a phone or laptop it's higher. But in fintech—protecting bank accounts and such—the consequences of fraud are much higher, and here you have to be really sure about what you're doing. AI accelerates the time it takes to do things like phishing. You can do phishing very easily with smart AI voices. It's amazing how fast this is progressing.

So there will probably be more fraud, but at the same time, AI will help us scale fraud measures. Soon it will be machine against machine, and actually it's already the case today.

THOMAS TARANIUK: Boris, I think you've hit the nail on the head, especially with the democratization of fraud and fraud as a service, and tools becoming more accessible to people, and those communities of, let's say, criminals coming together and talking about it on TikTok. How interesting. I mean, from the perspective of now this widespread use of maybe not micro-frauds but smaller-case frauds, is there a trade-off between the rapid expansion and also robust controls from Glovo's team?

BORIS MONTIN: Ideally, no, right? I think that's the job of the team. I think the job of the team is to make fraud protection completely invisible, right? Where you let the majority of customers go through. Where, you know, for 99% or more of the users, you can proceed to check out, proceed to browsing in the application, and buy anything that you want without any kind of questions, right? Because we trust you, because we have a good understanding of who you are. But for that 1%, then we're going to say, you know what? We're willing to make that trade-off. We're willing to ask you a few more questions, and maybe some of you will go to a different platform. Maybe some of you will not proceed to make an order. Maybe you will starve, or maybe you will not deal with your craving, but that's okay. I think we have to make this conscious decision. And again, this is a decision we make with the user data, right? This is not a decision based on subjective information, but based on observable data. I think this is very important in the world of fraud management: all of the decisions you're taking are based on observable data, and you're always trying to optimize that sort of equation.

THOMAS TARANIUK: And of course, consuming that data and also making just decisions on that data must require the use of AI. We talked about AI as a tool for, let's say, the criminals to use to penetrate your system and abuse your controls and the layers that you do have. But what about utilizing AI as a defence as well? Could you tell us a little bit more about that part of your toolkit at Glovo?

BORIS MONTIN: Yeah, absolutely. We have to use some form of automation, some form of AI, because otherwise, you know, we would be severely behind the game. And because we serve so many cities and so many countries and so many different geographies, there is always something happening somewhere. And we need to be on top of it, we need to understand it immediately. Because in the world of fraud, you know, five minutes is an eternity. And we have seen many cases where within five minutes, you know, a breach or within five minutes an issue, you know, we've lost already a lot of money. And so that's where AI can help us be on top of things. Because if we know that something's happening, at least we can react.

The first layer is understanding what is out there. And I think with that also comes having better signals, having better fraud signals, because AI can detect that, because this system or that automation can detect that. And then the second layer is what do we do with this information? Is this a problem we have to address right now, in which case we can deploy new rules or we can deploy changes to the application, we can deploy a new product very quickly to try to bridge that gap. So it's very critical for any system or any platform to have AI or to have some automation, because otherwise you will need a lot of people. Versus you can run a very smooth and secure system with a small team, but with some help.

THOMAS TARANIUK: Absolutely. And of course, streamlining your services and the work that you do directly with consumers, of course, is massively supported and increasingly supported by the use of AI, right? We ask this question to most of our guests because it really is one of the most important parts of working in fraud. How do you protect those customers and keep their trust while still keeping a strong line of defense in place?

How to protect customers and maintain their trust while upholding a strong defense

BORIS MONTIN: Absolutely. I think one thing that we learned over the past five years is that everything should be consistent. I think we discussed previously that, for instance, your pricing experience needs to be consistent but also hyper-tailored and completely sort of upstream. I think in the past, if you look at five, ten years ago, the way a lot of e-commerce was running is that you would, you know, browse the application, you would select what you want to buy, and then you would try to check out. At that moment, risk would be called and say, hey, you know, is this user suspicious or not? And make a decision here and there. And oftentimes it's a bit too late because that customer already knows what they want. They've already selected, you know, they want to have this salad with this extra dressing. A bit too late, and if you say at that point no, then for sure they will walk away, and they will go to a different place.

But if it's upstream and if it's tailored, then you say from the get-go, okay, maybe you know that this specific credit card doesn't have enough funds or that specific credit card has been linked to fraud. Then I'm going to surface from the get-go a different payment instrument. Maybe I'm going to suggest using, you know, PayPal, for instance, or another account, or maybe even cash, right? So by already sort of surfacing a payment instrument that is safe, I can already go on the journey and I don't even create friction for the customer, right? Because I already know I'm going to say no on that account. So why do I go through that process? I can just tailor the experience a bit better. And so I think moving all of the fraud upstream, right, in the journey and making it hyper-tailored to you is what will help consumers have this magical experience. So for us, really, one of the main goals of the team is to minimize friction and to maximize conversion, to maximize orders. As opposed to just looking at fraud, because if you look at fraud, then your incentive is to reduce it to zero. And obviously that's just not always good for business.

THOMAS TARANIUK: I completely agree with you there. As we've been discussing, Glovo operates across many different countries and different continents as well. And with that, perception and expectation of customer service and fraud changes as well. How do you manage that at Glovo across your many different marketplaces?

Customer service and fraud expectations from region to region

BORIS MONTIN: It's a tricky thing for sure. You know, we have different expectations region to region, but even in the same region, we have different expectations depending on the type of product that is purchased. If you purchase electronics, you have different expectations than if you purchase food. I'll give you a quick example, for instance, where on the platform you can actually buy fashion, you can buy, you know, clothes, you can buy clothing. And obviously here the expectation is that if you buy a pair of shoes on a platform and it doesn't fit you, you want to be able to return it, right? Versus obviously if you buy a burger or if you buy a salad, it's going to be a lot harder to return that product to the restaurant. So you already have a lot of different expectations when it comes to your approach with returns, refunds, and also compensation, and that's something that we have to learn how to manage.

When we actually launched this new vertical of fashion and clothing, this was one of the hurdles for us: understanding, okay, how can we sort of serve the business, how can we serve customers while at the same time minimizing fraud? I think we also have differences within countries and geographies. As you can imagine, Spain is vastly different from Kazakhstan, which is vastly different from Tunisia or even Nigeria. And here the expectations are also very different.

We have a lot of cases where—the headquarters are in Spain and obviously, you know, in Spain we try always to understand consumers globally, but sometimes it's not easy to put yourself in the shoes of a customer that is so far away in the world with a very different culture and different things. And we have seen cases where, for instance, either in Nigeria or in Kazakhstan, expectations are very different, and also the types of fraud are very different. One of the things that we have actually seen in Central Asia as a very big fraud vector that does not exist anywhere else in the world, or exists very rarely, was creating fake accounts. And we've seen that very prevalently in markets like Kazakhstan and Kyrgyzstan, where they would basically generate SMS traffic, and the fraud scheme would be as follows, right? So this is quite interesting. You collude as an external party, right? You're a fraudster group. You collude with a telecom provider, and you say, I'm going to generate one million SMS for you, and we're going to share part of the revenue, right? It's going to be a few cents per cost, but you're going to generate millions and millions of revenue because you're going to send a lot of traffic.

And what they would do is basically generate millions of phone verification requests on our platform, and that would make money for them. But they were not interested in Glovo, which was something absolutely interesting, because they were just using us to trigger that SMS to get revenue share. So this is something that we have learned along the years—that every market is unique, and you need to be able to understand every custom, every fraud pattern, to be able to serve the markets.

THOMAS TARANIUK: That's incredible. I mean, from market to market, I imagine you also do work with governing bodies and maybe governments to talk about this sort of thing and talk about the new types of fraud and how to maybe work together in an industry to stop them or at least stymie them, right? I mean, governments and regulators in the UK are stepping up their game a little bit more now. Delivery drivers must now check IDs for age-restricted items. However successful that is, I don't know. While the EU's new Digital Services Act puts greater responsibilities on platforms such as yourself to prevent illegal and harmful activities online, including fraud as well. Boris, do you work with any regulatory bodies as it stands or with your, quote-unquote, competitors, let's say, of Glovo to try and combat fraud together rather than do it separately?

Collaborating with regulatory bodies

BORIS MONTIN: I think it's very important that we come together on this because otherwise, you know, fraudsters will always win, right? And I think, whether it's government, whether it's the industry, whether it's regulators, we all want the same thing: we all want to protect consumers, and we all want them to be able to enjoy the things they enjoy. And so I would personally work also with not just the regulators or some of the members of the different countries, but also with the industry. I'm also very close to some of the industry, some of my peers in the industry, and we talk about, okay, you know, what do we see on each other's domain and how do we prevent that, right? Because in the end we want to make sure that there's no fraud anywhere, basically. But it's very important to have an open dialogue with every country. We have a policy team, a legal team that engages in this conversation with them to make sure that not only on a fraud level, but on a sort of employment level, and all the critical factors, we have a very open conversation with them.

THOMAS TARANIUK: Good to hear. But I imagine consortium data between, let's say, you and other businesses that serve the same customers might be quite difficult to share with customer data and that sort of thing as well.

BORIS MONTIN: Yeah, consortium data is a bit tricky, obviously, to share. Consortium data would be openly sharing data with competitors or at least maybe some anonymized data or encrypted data, which is not something that we want to do at Glovo today. I think we are happy to talk about principles. But, you know, we respect privacy, and I think it's super important that even if it's anonymized data, even if it's encrypted data, that we protect the information of customers and that we do not share that externally. Also, you know, it's very difficult to actually execute on consortium data because every company sort of registers data differently, and sends data differently, and processes the data differently. And so it would require a lot of effort to standardize all of that sort of data consumption across the different companies for that. So it's very difficult to execute. It might make a difference, but I think we are not there yet, for sure.

THOMAS TARANIUK: I see. And from the perspective of what you're doing and building on all of these robust changes as well, it looks like you're definitely on the right path. And when you're looking to the future, Boris, what could you imagine the next five years holds in terms of the changes in fraud types, the regions that you're anticipating going in? I remember asking you a question at the beginning of the podcast: expansion is great, it's exciting on both the vendor and the consumer side, but it also brings challenges as well.

BORIS MONTIN: If I look at fraud as a funnel from the moment you sign up to the moment that you pay something, I think checkout and everything related to online payment is very much a commodity these days.

Fraud at the global level across chargeback should be under control, because it's something that the industry knows how to handle. Because we also have regulation, like PSD2, that helps us attack those fraudsters and prevent fraud. I think that has a very high level of maturity. If I think about other types of fraud, for instance, claims, falsification, coupons, they don't have the same level of maturity. I would expect in five years to have this level of maturity. I would expect in five years to be sort of completely commoditized across those different angles, which means that it's a lot easier to manage, which means that it's a lot easier to detect fraud and act on it. I think the challenge that I will see, I think, obviously would be document forgery. I think that continues to be a challenge across a number of industries.

Obviously, phishing would be a lot more difficult to detect with AI voices and even AI videos. And I think, for a platform like us, as we have a marketplace, a three-legged marketplace, and we try to build financial services on those marketplaces, and we try to expand the fintech ecosystem where, you know, we have value-added services for vendors, value-added services for customers, there will be obviously a new form of fraud there—trying to cash out wallet earnings, trying to do these kinds of things. But I'm also very confident that we will fix it. I think I'm very optimistic about the future. And I do believe that the fraud industry overall will be a lot more commoditized over the next few years.

THOMAS TARANIUK: I agree. I think the future is bright, but only if we collaborate and we work together. And you talked about three different groups, of course, Glovo is working with. And I think at the heart of all of it, and hence why we have this podcast as well, is education. How important is educating the consumers, the vendors, about these different types of fraud and protecting themselves? And you mentioned wallets there, protecting what they've earned and what they need to keep the lights on.

Educating customers and vendors

BORIS MONTIN: It's very important, I think. You know, this is one of the main functions of the fraud team, right? To define what is fraud and how to prevent it. I think we have a duty to educate the ecosystem on how they can protect themselves, and at the same time prevent it. I think it's equally important. I've seen many cases where, you know, unfortunately, in the past 10 years, some merchants may not have been as savvy as others when it comes to protection and have suffered phishing attacks. This is something that I've seen before. I think I've seen the craziest stuff where, you know, five years ago someone was knocking door to door—physically knocking door to door—to collect a platform acceptance fee, which is a fee they made up on the spot to be part of the platform and to accept orders on a platform. And so something as crazy as that where, you know, someone would be bold enough to knock on doors of a physical restaurant to collect a fee. This is something that we have to educate merchants on—educate the public on.

Quick-fire round

THOMAS TARANIUK: Definitely the case. And I think it's a great job that you're doing. Boris, before we go, before we finish up our great conversation, I'd like to close things out with something a little bit fun. Five quick-fire questions, no overthinking. Boris, are you up for it?

BORIS MONTIN: Let's go.

THOMAS TARANIUK: So, first question, Boris: if you could ban one risky online behavior for good, what would it be?

BORIS MONTIN: I would ban web orders. I think, as a platform that is mobile-first, we always have more issues with web than mobile. But I understand that some users prefer to be there.

THOMAS TARANIUK: It's true. Second question, Boris: have you ever been the victim of fraud yourself?

BORIS MONTIN: Absolutely. Very rarely though, because I'm quite cautious, almost paranoid. But I've been a victim of fraud, I think, a year ago where someone bought six months of Zoom subscription in Singapore, which was very funny. But why not?

THOMAS TARANIUK: Oh, wow. How did they get hold of your details?

BORIS MONTIN: I still wonder that question, to be honest.

THOMAS TARANIUK: Oh dear. Well, I always say, check out “Have I Been Pwned” online and you can see which emails have been discreetly publicized or found online. So, third question: what's one fraud myth you wish would disappear?

BORIS MONTIN: I think the biggest myth is that when I have to explain fraud internally or externally, it's: "Why don't you stop it? I think it's easy to spot, no? Like, why haven’t you blocked those actors previously?” I remember a conversation very distinctly that I had close to eight years ago where someone was buying a vodka bottle on a platform for 56 euros, and their response was like, “Why don't you just block orders that are 56 euros?” And then that would somehow magically solve the thing. So I think the “easiness” of fraud is, I think, a big myth.

THOMAS TARANIUK: Yes, certainly need to overcome that. If they did overcome fraud and it was that easy, we'd both be out of a job, Boris, as well.

BORIS MONTIN: Exactly, which would be, to be honest, a very good thing.

THOMAS TARANIUK: Boris, the penultimate question here. Which type of fraud do you think will grow the fastest in the next five years?

BORIS MONTIN: I think refund and compensation, by far. I think I see the fashion industry, the food delivery industry, mobility, airlines—all of them are facing the same issue. I think consumer expectations are a lot harder and everyone is trying to get their money back for whatever reason. I think this is a big challenge. And we've seen, you know, the likes of Amazon, the likes of other fashion brands try to be quite creative on this, but this is a very hard problem to solve.

THOMAS TARANIUK: Super difficult, but I'm all here for it and learning how great companies like Glovo will accomplish it over the long run as well. And the final question—relating to your answer to question three, by the way—if you could have any other career other than the one you're in currently, what would it be?

BORIS MONTIN: I think for a long time I thought, you know, with all of that detective work, I could be a detective. I'm maybe a bit delusional that I could be like a crime detective or like a crime novelist. So I think that would be one of them for sure. But that's more like a dream than something tangible.

THOMAS TARANIUK: Excellent to hear. I love that as a dream as well. And, you know, Sumsub offices here in London are actually based very close to the Sherlock Holmes Museum—detective himself.

BORIS MONTIN: Nice.

THOMAS TARANIUK: Well, excellent, Boris. What great answers and what a great episode of What The Fraud? Really appreciate your time here today. Hope you had as much fun as I did, and I hope the audience learned as much as I did as well.

BORIS MONTIN: Thanks for having me. It was fun.